Re: Enabling telnet, ftp, pop3 for root...



Michael Trausch wrote:

Can you create an ACL, though, that will manage to allow a user to
restart a system? Nope.

My first response, though correct, was done in a hurry and I did not want to
detail other solutions, such as:

Let's see if you actually know what you are talking about. You claim that
there can be no ACL that will allow a user to shut down the system. If I
can do it with just the standard user group permissions, it would be
possible to do it with ACLs
http://www.suse.de/~agruen/acl/linux-acls/online/

So, let's see if you can figure out what I did to allow a regular user to
shutdown a system.

The entry in /etc/group file:

shutdown:x:503:user1

Now let's see what the permissions are for shutdown:

ls -l /sbin/shutdown
-rwsr-xr-x 1 root shutdown 23520 Aug 23 2005 /sbin/shutdown*

Guess what, user1 can shutdown the system without being root or using sudo.
I thought you said it was not possible.

You should know what you are talking about before you enter a debate.
.